VC++ / MFC / C++

Results 1 to 7 of 7

Thread: checking for security issues

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

Previous Post

Next Post

October 15th, 2008, 07:01 AM #5
PeejAvery

View Profile

View Forum Posts

Elite Member Power Poster
Join Date

May 2002

Posts

10,943
Re: checking for security issues

Ouch. I wouldn't have that code live if I were you.

PHP 4 and 5 come with Magic Quotes. This will automatically escape all client to server passed variables (GET & POST). However, not all PHP configurations have this turned on. In fact, for PHP 6 it has been deprecated. So, here is what I would suggest doing at the top of every page you process GET or POST variables.

PHP Code:

<?php if (!get_magic_quotes_gpc()) { foreach ($_POST as $k => $v) { // you can also change this to $_GET for URL variables $_POST[$k] = mysql_real_escape_string($v); } } ?>

If the post was helpful...Rate it! Remember to use [code] or [php] tags.

Reply With Quote

Quick Navigation Scripting - Server Side (PHP, Perl, etc.) Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Click Here to Expand Forum to Full Width

Featured

The Best Reasons to Target Windows 8

* Porting from Android to Windows 8: The Real Story
Do you have an Android application? How hard would it really be to port to Windows 8?
* Guide to Porting Android Applications to Windows 8
If you've already built for Android, learn what do you really need to know to port your application to Windows Phone 8.
* HTML5 Development Center
Our portal for articles, videos, and news on HTML5, CSS3, and JavaScript
* Windows App Gallery
See the Windows 8.x apps we've spotlighted or submit your own app to the gallery!

Terms and Conditions | About Us | Privacy Notice | Contact Us | Advertise | Sitemap| California - Do Not Sell My Info

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

All times are GMT -5. The time now is 05:33 AM.

Copyright TechnologyAdvice